A study carried out by CyberPeace Foundation, a civil society group, revealed that Indian oil companies were hit with 3.6 lakh cyberattacks over six months.
OIL Incident
The most prominent and recent of these attacks occurred between October 2021 and the 12th of April 2022 at Oil India Ltd’s (OIL) Assam headquarters.
The public company discovered an unpaid ransom note on one of the affected computers that demanded $7,500,000 (approximately Rs. 57 crore), although the company claims that the attack didn’t impact its operations.
It later claimed it had taken the necessary measures.
What Data Was Collected
A CyberPeace Foundation spokesperson said that they collect information about “attack patterns, the various kinds of vectors for attack” and collect useful data through the deployment of a “simulated cyber-security network”.
An attack vector is the method employed by hackers to exploit weaknesses and gain access to networks or systems.
The perpetrators typically used the FTP, HTTP, s7comm, Modbus, SNMP and BACnet protocols as their attack vectors.
The number of attacks reported increased to 3.6 lakhs in just six months
They analyzed real-time cyberattacks between October 2021 and April 12.
19342 threats were identified in February, the lowest during this time. October was the month with the highest number of attacks, at 117,000.
April is likely to bring huge numbers, as 2383 hits were recorded as of April 12.
An increase was observed in phishing and social engineering attacks against companies.
Evidence was discovered of fake WhatsApp messages that lured people with a fake deal from Indian Oil.
The “offer” was hosted by a third-party service different from the owners of the domain.
These messages are designed to trick users into sharing confidential details such as passwords and other access information.
The study highlights the dire situation of an increasing number of cyberattacks that target the critical infrastructure of firms in India.
These types of attacks could disrupt day-to-day operations, create chaos and cause financial losses as a result of delays, ransom payments, recovery costs and other unexpected costs.
The number of attacks has increased over the last year across the globe, and victims include US companies such as Colonial Pipeline and JBS Foods, which were hit by ransomware in 2021.
Chinese Attack On Indian Cos
In March, the UK-based cybersecurity company Recorded Future warned about a Chinese state-backed attack campaign that targets power firms in India.
It had flagged the possibility of similar power-grid attacks throughout the country back in February.
The company said that over the last few months it has observed potential network intrusions targeting at most seven Indian state load despatch centers (SLDCs).
SLDCs are responsible for carrying out real-time operations for grid control and electricity dispatch in these states.
They were located in northern India and near the disputed Indo-China border in Ladakh.
The Chinese state-backed hacker group known as RedEcho was able to hack electricity grids in India in the past year.
But this time, it targeted an entirely different set of victim organisations.
In addition to the electricity grid assets, the attack posed a risk to the nation’s emergency system, as well as to the Indian branch of a multinational logistics company owned by the same company.